Web 2.0 and common sense

Web 2.0 and cloud computing seem to be getting equal amounts of publicity lately.  However, despite public press about the vulnerabilities associated with them, users are either unknowing or unwilling to change their habits and therefore fall victim to the easily preventable compromises that are taking place.

Twitter has had overwhelming success in the past year and has grown well beyond initial expectations.  Facebook is another social networking site that has surpassed MySpace with nearly 200 million users.  Although there are pros to utilizing such sites, users must be aware that anytime a site generates that much traffic, bad things are to come.

In steps the latest exploit that has taken to the masses, the Twitter botnet.  Jose Nazario of Arbor Networks was the first to report on this activity and gave a very thorough breakdown of exactly what was, and is, taking place.  It’s to be noted that this isn’t a vulnerability in Twitter but merely old obfuscation techniques used in the Web 2.0 environment.  To sum it up (you can read the complete blog post here), the malicious user would post a Base64-encoded link which in turn resolved to a bit.ly address.  For those of you who don’t know what bit.ly is, it’s a tool/site used to shorten URLs to allow them to be posted within the 140 character limit imposed by Twitter.  Obfuscation at its finest!  The malicious link is wrapped twice before directing you to the evil site where a gbpm.exe file is downloaded and you can guess what happens from there.  Typical drive-by download techniques used by attackers for whatever reason it may be.
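The double wrapping described above can be unwound mechanically when reviewing status text. The following is an added example, not code from the original post or from the Arbor Networks report: it pulls Base64-looking tokens out of a status, decodes them, and reports any that decode to a URL on a shortener domain. The watch list, function names and sample statuses are constructed for illustration.

```python
import base64
import binascii
import re
from urllib.parse import urlparse

# Assumed watch list of URL shorteners; bit.ly is the one named in the post.
SHORTENERS = {"bit.ly"}

# Runs of the Base64 alphabet long enough to hide a short URL.
B64_TOKEN = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")
URL = re.compile(r"https?://[^\s\"'<>]+")


def decode_token(token):
    """Return the ASCII text behind a Base64 token, or None if it is not valid."""
    body = token.rstrip("=")
    body += "=" * (-len(body) % 4)  # restore padding that may have been trimmed
    try:
        return base64.b64decode(body, validate=True).decode("ascii")
    except (binascii.Error, UnicodeDecodeError):
        return None  # ordinary long words usually land here


def hidden_short_links(status):
    """List shortener URLs that only become visible after Base64-decoding."""
    hits = []
    for token in B64_TOKEN.findall(status):
        text = decode_token(token)
        if text is None:
            continue
        for url in URL.findall(text):
            host = (urlparse(url).hostname or "").lower()
            if host in SHORTENERS:
                hits.append(url)
    return hits


# Constructed sample statuses (not real indicators).
SAMPLE_STATUSES = [
    base64.b64encode(b"http://bit.ly/example1").decode(),
    "Lunch at noon, see http://example.com/menu",
]

if __name__ == "__main__":
    for status in SAMPLE_STATUSES:
        print(status, "->", hidden_short_links(status))
```

A hit only tells you a shortened link was hidden inside encoded text; where that link finally lands still has to be checked separately.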

Tom Eston, who presented at DefCon17 with Kevin Johnson last month, helped me out exponentially as both have had a stake in the latest social networking attacks.  It’s worth noting that Tom has also created a whitepaper on how to secure your Facebook settings in order to prevent/deter attacks and I highly suggest taking a look at it no matter how 1337 you may think you are.

So what’s next?  Obviously social networking sites are here to stay and are on the rise, but how do we prevent attacks in the future?  You don’t... yes, that’s correct.  You’d be lying to yourself if you truly believed that we’ll be able to rid the Internet of malicious activity.  But then again, if you believe that, then you also believe that 2pac, Elvis, and Michael Jackson are all still alive and their deaths were merely publicity stunts.  User awareness is always going to be the number one way of reducing compromises.  There are many elaborate attacks and even the most educated users can sometimes, and I use that loosely, fall victim.  If you get a friend request from President Obama and accept, you should refrain from ever using a computer again much less anything else in life.  It’s disturbing when you look at the number of compromises and, after analysis is complete, you come to the conclusion that it could have been avoided if the person behind the keyboard had exercised some common sense....
